Security strategies for wireless networks

Secure with WPA2

As of this writing, wireless networks based on WPA2 are regarded as mostly secure. Dictionary attacks on the pre-shared key are the most promising vector – assuming the attacker has enough time and computer power. Theoretically, the broadcast and multicast keys represent another vulnerability. All network nodes need to know them, and an attacker who discovers one of the keys can at least sniff the key exchange between the access point and the workstation.

Thanks to the WPA2 standard's security design, modern wireless networks now have fairly effective security. The biggest factor of uncertainty is with the user. Today, wherever an inquisitive intruder gains access to a modern WLAN infrastructure and applies enough criminal energy to access the network and cause damage, a careless access point configuration is usually the root cause. So take some time to consider your WLAN router's individual settings carefully (Figure 2).

Figure 2: The Kismet WiFi scanner can check your own wireless network for vulnerabilities – and discover information about the protocols used on your network.

If you want to reduce the residual risk even further, you can add software-based protection for the WLAN. If you use a tunnel, such as a VPN with IPSec, you can raise the barrier even for experienced hackers. As is often the case, the free Linux operating system, with its many built-in security components, is a perfect choice for eliminating residual risk.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Go Wireless Intro

    When you’re going wireless,it pays to be careful. Get the right hardware,and make sure your network is as secure as you think it is.

  • Wireless Standards

    The IEEE 802.11 standards are at the center of the wireless revolution. The wireless alphabet starts with 802.11a and extends to 802.11n. Linux Magazine helps you get your wireless spelling right.

  • OpenVPN

    Wireless networks are practical but dangerous at the same time.WEP encryption is unlikely to stop an attacker. But help is at hand in the form of add-on security measures such as an encrypted OpenVPN tunnel.

  • iNet Wireless Daemon

    Intel's iNet wireless daemon offers virtually all of the features found in the obsolete WPA Supplicant, and it is smaller by a factor of 10.

  • Wifislax 4.6

    Almost every wireless LAN has some potential security weaknesses. The Wifislax Slackware derivative helps detect and eliminate them.

comments powered by Disqus

Direct Download

Read full article as PDF:

028-030_wlan.pdf  (277.89 kB)